diff --git a/Shorewall-common/install.sh b/Shorewall-common/install.sh index b0226fa36..48f9aea78 100755 --- a/Shorewall-common/install.sh +++ b/Shorewall-common/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.2.5 +VERSION=4.2.6 usage() # $1 = exit status { @@ -641,6 +641,15 @@ if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/started ]; then echo "Started file installed as ${PREFIX}/etc/shorewall/started" fi # +# Install the Restored file +# +run_install $OWNERSHIP -m 0644 restored ${PREFIX}/usr/share/shorewall/configfiles/restored + +if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall/restored ]; then + run_install $OWNERSHIP -m 0600 restored ${PREFIX}/etc/shorewall/restored + echo "Restored file installed as ${PREFIX}/etc/shorewall/restored" +fi +# # Install the Standard Actions file # install_file actions.std ${PREFIX}/usr/share/shorewall/actions.std 0644 diff --git a/Shorewall-common/restored b/Shorewall-common/restored new file mode 100644 index 000000000..df272d190 --- /dev/null +++ b/Shorewall-common/restored @@ -0,0 +1,13 @@ +# +# Shorewall version 4 - Restored File +# +# /etc/shorewall/restored +# +# Add commands below that you want to be executed after shorewall has +# been completed a 'restore' command. +# +# See http://shorewall.net/shorewall_extension_scripts.htm for additional +# information. +# +############################################################################### +#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE diff --git a/Shorewall-common/shorewall-common.spec b/Shorewall-common/shorewall-common.spec index 91559d323..647a499ae 100644 --- a/Shorewall-common/shorewall-common.spec +++ b/Shorewall-common/shorewall-common.spec @@ -1,5 +1,5 @@ %define name shorewall-common -%define version 4.2.5 +%define version 4.2.6 %define release 0base Summary: Shoreline Firewall is an iptables-based firewall for Linux systems. @@ -108,6 +108,7 @@ fi %attr(0600,root,root) %config(noreplace) /etc/shorewall/actions %attr(0600,root,root) %config(noreplace) /etc/shorewall/continue %attr(0600,root,root) %config(noreplace) /etc/shorewall/started +%attr(0600,root,root) %config(noreplace) /etc/shorewall/restored %attr(0600,root,root) %config(noreplace) /etc/shorewall/providers %attr(0600,root,root) %config(noreplace) /etc/shorewall/route_rules %attr(0600,root,root) %config(noreplace) /etc/shorewall/tcclasses @@ -162,6 +163,7 @@ fi %attr(0644,root,root) /usr/share/shorewall/configfiles/actions %attr(0644,root,root) /usr/share/shorewall/configfiles/continue %attr(0644,root,root) /usr/share/shorewall/configfiles/started +%attr(0644,root,root) /usr/share/shorewall/configfiles/restored %attr(0644,root,root) /usr/share/shorewall/configfiles/providers %attr(0644,root,root) /usr/share/shorewall/configfiles/route_rules %attr(0644,root,root) /usr/share/shorewall/configfiles/tcclasses @@ -172,9 +174,17 @@ fi %attr(0644,root,root) %{_mandir}/man5/* %attr(0644,root,root) %{_mandir}/man8/shorewall.8.gz -%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples +%doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn Samples swping swping.init isusable %changelog +* Thu Feb 05 2009 Tom Eastep tom@shorewall.net +- Add 'restored' script +* Wed Feb 04 2009 Tom Eastep tom@shorewall.net +- Updated to 4.2.6-0base +* Fri Jan 30 2009 Tom Eastep tom@shorewall.net +- Added swping files to the doc directory +* Thu Jan 29 2009 Tom Eastep tom@shorewall.net +- Updated to 4.2.6-0base * Tue Jan 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.2.5-0base * Thu Dec 25 2008 Tom Eastep tom@shorewall.net diff --git a/Shorewall-perl/Shorewall/Compiler.pm b/Shorewall-perl/Shorewall/Compiler.pm index 34eee6f8f..12dffdb18 100644 --- a/Shorewall-perl/Shorewall/Compiler.pm +++ b/Shorewall-perl/Shorewall/Compiler.pm @@ -99,7 +99,7 @@ sub generate_script_1() { } } - for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed/ { + for my $exit qw/init isusable start tcclear started stop stopped clear refresh refreshed restored/ { emit "\nrun_${exit}_exit() {"; push_indent; append_file $exit or emit 'true'; @@ -831,6 +831,7 @@ EOF push_indent; emit<<'EOF'; set_state "Started" + run_restored_exit else if [ $COMMAND = refresh ]; then chainlist_reload diff --git a/Shorewall-perl/prog.header b/Shorewall-perl/prog.header index 2815a00c5..f34f2c999 100644 --- a/Shorewall-perl/prog.header +++ b/Shorewall-perl/prog.header @@ -796,6 +796,27 @@ add_ip_aliases() # $* = List of addresses done } +detect_dynamic_gateway() { # $1 = interface + local interface + interface=$1 + local GATEWAYS + GATEWAYS= + local gateway + # + # First assume that this is some sort of point-to-point interface + # + gateway=$( find_peer $(ip addr list $interface ) ) + # + # If that didn't work, then try DHCP + # + if [ -z "$gateway" -a -f /var/lib/dhcpcd/dhcpcd-${1}.info ]; then + eval $(grep ^GATEWAYS= /var/lib/dhcpcd/dhcpcd-${1}.info 2> /dev/null) + [ -n "$GATEWAYS" ] && GATEWAYS=${GATEWAYS%,*} && gateway=$GATEWAYS + fi + + [ -n "$gateway" ] && echo $gateway +} + detect_gateway() # $1 = interface { local interface @@ -809,6 +830,10 @@ detect_gateway() # $1 = interface # [ -n "$gateway" ] || gateway=$(find_gateway $(ip -4 route list dev $interface | grep ^default)) # + # Next try dhcpcd's info file for the interface + # + [ -n "$gateway" ] || gateway=$(get_dhcp_gateway) + # # Last hope -- is there a load-balancing route through the interface? # [ -n "$gateway" ] || gateway=$(find_nexthop $interface) diff --git a/Shorewall6/install.sh b/Shorewall6/install.sh index 445cd4241..01606187d 100755 --- a/Shorewall6/install.sh +++ b/Shorewall6/install.sh @@ -22,7 +22,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. # -VERSION=4.2.5 +VERSION=4.2.6 usage() # $1 = exit status { @@ -535,6 +535,15 @@ if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall6/started ]; then echo "Started file installed as ${PREFIX}/etc/shorewall6/started" fi # +# Install the Restored file +# +run_install $OWNERSHIP -m 0644 restored ${PREFIX}/usr/share/shorewall6/configfiles/restored + +if [ -z "$CYGWIN" -a ! -f ${PREFIX}/etc/shorewall6/restored ]; then + run_install $OWNERSHIP -m 0600 restored ${PREFIX}/etc/shorewall6/restored + echo "Restored file installed as ${PREFIX}/etc/shorewall6/restored" +fi +# # Install the Standard Actions file # install_file actions.std ${PREFIX}/usr/share/shorewall6/actions.std 0644 diff --git a/Shorewall6/restored b/Shorewall6/restored new file mode 100644 index 000000000..4147d93db --- /dev/null +++ b/Shorewall6/restored @@ -0,0 +1,13 @@ +# +# Shorewall 6 version 4 - Restored File +# +# /etc/shorewall6/restored +# +# Add commands below that you want to be executed after shorewall6 has +# been completed a 'restore' command. +# +# See http://shorewall.net/shorewall_extension_scripts.htm for additional +# information. +# +############################################################################### +#LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE diff --git a/Shorewall6/shorewall6.spec b/Shorewall6/shorewall6.spec index cb20cc0be..289f4fa35 100644 --- a/Shorewall6/shorewall6.spec +++ b/Shorewall6/shorewall6.spec @@ -1,5 +1,5 @@ %define name shorewall6 -%define version 4.2.5 +%define version 4.2.6 %define release 0base Summary: Shoreline Firewall 6 is an ip6tables-based firewall for Linux systems. @@ -86,6 +86,7 @@ fi %attr(0600,root,root) %config(noreplace) /etc/shorewall6/accounting %attr(0600,root,root) %config(noreplace) /etc/shorewall6/actions %attr(0600,root,root) %config(noreplace) /etc/shorewall6/started +%attr(0600,root,root) %config(noreplace) /etc/shorewall6/restored %attr(0600,root,root) %config(noreplace) /etc/shorewall6/providers %attr(0600,root,root) %config(noreplace) /etc/shorewall6/route_rules %attr(0600,root,root) %config(noreplace) /etc/shorewall6/tcclasses @@ -128,6 +129,7 @@ fi %attr(0644,root,root) /usr/share/shorewall6/configfiles/accounting %attr(0644,root,root) /usr/share/shorewall6/configfiles/actions %attr(0644,root,root) /usr/share/shorewall6/configfiles/started +%attr(0644,root,root) /usr/share/shorewall6/configfiles/restored %attr(0644,root,root) /usr/share/shorewall6/configfiles/providers %attr(0644,root,root) /usr/share/shorewall6/configfiles/route_rules %attr(0644,root,root) /usr/share/shorewall6/configfiles/tcclasses @@ -140,6 +142,12 @@ fi %doc COPYING INSTALL changelog.txt releasenotes.txt tunnel ipsecvpn ipv6 Samples6 %changelog +* Wed Feb 05 2009 Tom Eastep tom@shorewall.net +- Added 'restored' script +* Wed Feb 04 2009 Tom Eastep tom@shorewall.net +- Updated to 4.2.6-0base +* Thu Jan 29 2009 Tom Eastep tom@shorewall.net +- Updated to 4.2.6-0base * Tue Jan 06 2009 Tom Eastep tom@shorewall.net - Updated to 4.2.5-0base * Thu Dec 25 2008 Tom Eastep tom@shorewall.net